boring_services 0.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: afc3d44acfb6c7fe4d741a643dc87d08b2b9ae371daa24a054dea6c25f6c6429
+  data.tar.gz: d2c240bdbfe39bf716ac2025e4f8249b01e3b5dceda5fa6766601aeca308abb0
+SHA512:
+  metadata.gz: 924f46cbdd506ecd7212bdd0836aa557f8e397986861f21f684f9d0e7a02d1ede2a627e1aca67adb11f4a7faf94ef207ca1dc4476c2e5768ee80ddc6420cd714
+  data.tar.gz: 180534ff00c723563bd8e09bd022d94e100cf9f2e864cfe561db2021d288cd2a818957fe9baef5436af267d69b5876df7c1e67560dc974ccb3036eea1891c65c

data/LICENSE

@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (c) 2025 Gaurav
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+

data/README.md

@@ -0,0 +1,461 @@
+# BoringServices
+
+Deploy infrastructure services (Memcached, Redis, HAProxy, Nginx) to servers with Ruby and SSH. No Ansible, no Python, no Kubernetes.
+
+Works standalone with any Ruby application or integrates seamlessly with Rails.
+
+## Features
+
+- **Memcached** - In-memory caching with configurable parameters
+- **Redis** - Key-value store and cache
+- **HAProxy** - Load balancer with SSL/TLS support
+- **Nginx** - Web server and reverse proxy
+- **Simple Configuration** - YAML files with environment support
+- **Flexible Overrides** - Custom config templates or parameter overrides
+- **Secret Management** - Environment variables or command execution
+- **SSH Deployment** - Direct deployment to Ubuntu servers
+- **Health Checks** - Monitor service status across hosts
+- **VPN Support** - Optional private_ip field for VPN/WireGuard deployments
+- **Rails Integration** - Generators, rake tasks, and seamless integration
+- **Standalone Support** - Works with any Ruby application
+
+## Quick Start
+
+### Standalone
+
+```bash
+gem install boring_services
+boringservices setup
+boringservices status
+
+# Target a different config/environment
+BORING_SERVICES_CONFIG=config/services.staging.yml \
+BORING_SERVICES_ENV=staging boringservices setup
+```
+
+### Rails Integration
+
+```ruby
+# Gemfile
+gem 'boring_services'
+```
+
+```bash
+# Generate config
+rails generate boring_services:install
+
+# Deploy services
+rails boring_services:setup
+
+# Deploy using a different config/environment
+BORING_SERVICES_CONFIG=config/services.staging.yml BORING_SERVICES_ENV=staging \
+  rails boring_services:setup
+
+# Check health
+rails boring_services:health
+```
+
+## Configuration
+
+Create `config/services.yml`:
+
+```yaml
+production:
+  user: ubuntu
+  ssh_key: ~/.ssh/id_rsa
+  forward_agent: true
+  use_ssh_agent: false
+  ssh_auth_methods:
+    - publickey
+
+  services:
+    - name: memcached
+      enabled: true
+      hosts:
+        - host: 10.8.0.20
+          label: cache-a
+        - host: 10.8.0.21
+          label: cache-b
+      port: 11211
+      memory_mb: 256
+
+    - name: redis
+      enabled: true
+      host: 10.8.0.22
+      port: 6379
+      memory_mb: 1024
+
+    - name: haproxy
+      enabled: true
+      hosts:
+        - 10.8.0.30
+      port: 80
+      stats_port: 8404
+      backends:
+        - host: 10.8.0.10
+          port: 3000
+        - host: 10.8.0.11
+          port: 3000
+
+  secrets:
+    redis_password: $REDIS_PASSWORD
+```
+
+Use `host:` for a single target or `hosts:` for multiple VMs. When using `hosts`, each entry can be a simple hostname/IP or a hash with per-host overrides (e.g., `label`, `port`, or `memory_mb`).
+
+### Service Options
+
+#### Memcached
+
+**Basic Configuration:**
+
+```yaml
+- name: memcached
+  enabled: true
+  hosts:
+    - 10.8.0.20
+  port: 11211         # Default: 11211
+  memory_mb: 256      # Memory allocation in MB
+```
+
+**With Custom Parameters:**
+
+```yaml
+- name: memcached
+  enabled: true
+  host: 10.8.0.20
+  port: 11211
+  memory_mb: 512
+  custom_params:
+    listen_address: 0.0.0.0      # Default: 0.0.0.0
+    max_connections: 2048         # Default: 1024
+    max_item_size: 2m             # Optional: max item size
+    verbosity: 2                  # Optional: 0-3 for debug output
+```
+
+**With Custom Config Template:**
+
+```yaml
+- name: memcached
+  enabled: true
+  host: 10.8.0.20
+  custom_config_template: config/memcached.custom.conf  # Path to custom config file
+```
+
+#### Redis
+
+```yaml
+- name: redis
+  enabled: true
+  hosts:
+    - 10.8.0.21
+  port: 6379          # Default: 6379
+  memory_mb: 512      # Memory allocation
+```
+
+Optional password protection via secrets:
+
+```yaml
+secrets:
+  redis_password: $REDIS_PASSWORD
+```
+
+#### HAProxy
+
+**Basic HTTP Load Balancer:**
+
+```yaml
+- name: haproxy
+  enabled: true
+  host: 10.8.0.30
+  port: 80            # Frontend port
+  stats_port: 8404    # Stats dashboard port
+  backends:
+    - host: 10.8.0.10
+      port: 3000
+    - host: 10.8.0.11
+      port: 3000
+```
+
+**HTTPS with SSL Termination:**
+
+```yaml
+- name: haproxy
+  enabled: true
+  host: 34.123.78.90
+  port: 80                # Redirects to HTTPS
+  https_port: 443         # SSL/TLS port
+  stats_port: 8404
+  ssl: true
+  ssl_cert: $(op read "op://MyVault/haproxy-ssl/certificate")
+  ssl_key: $(op read "op://MyVault/haproxy-ssl/private_key")
+  backends:
+    - host: 192.168.1.10
+      port: 3000
+    - host: 192.168.1.11
+      port: 3000
+```
+
+**With Custom Parameters:**
+
+```yaml
+- name: haproxy
+  enabled: true
+  host: 10.8.0.30
+  port: 80
+  stats_port: 8404
+  custom_params:
+    timeout_connect: 10000        # Default: 5000ms
+    timeout_client: 60000          # Default: 50000ms
+    timeout_server: 60000          # Default: 50000ms
+    balance: leastconn             # Default: roundrobin
+    health_check_path: /healthz    # Default: /health
+    ssl_ciphers: CUSTOM_CIPHERS    # Custom SSL cipher suite
+    ssl_options: no-sslv3          # Custom SSL options
+  backends:
+    - host: 10.8.0.10
+      port: 3000
+```
+
+**With Custom Config Template:**
+
+```yaml
+- name: haproxy
+  enabled: true
+  host: 10.8.0.30
+  custom_config_template: config/haproxy.custom.cfg  # Path to custom HAProxy config
+  # Note: When using custom template, most other options are ignored
+```
+
+**SSL Certificate Options:**
+
+```yaml
+# Option 1: 1Password CLI
+ssl_cert: $(op read "op://MyVault/haproxy-ssl/certificate")
+ssl_key: $(op read "op://MyVault/haproxy-ssl/private_key")
+
+# Option 2: Environment variables
+ssl_cert: $HAPROXY_SSL_CERT
+ssl_key: $HAPROXY_SSL_KEY
+
+# Option 3: Rails credentials (Rails only)
+ssl_cert: $(rails credentials:show | yq .haproxy.ssl.cert)
+ssl_key: $(rails credentials:show | yq .haproxy.ssl.key)
+
+# Option 4: Local files
+ssl_cert: $(cat /path/to/cert.pem)
+ssl_key: $(cat /path/to/key.pem)
+```
+
+**HAProxy Features:**
+- ✅ **Config Validation** - Automatically validates HAProxy config before applying
+- ✅ **SSL/TLS Support** - Automatic HTTPS setup with certificate management
+- ✅ **Self-Signed Fallback** - Generates self-signed cert if none provided
+- ✅ **HTTP → HTTPS Redirect** - Automatic redirect when SSL is enabled
+- ✅ **Health Checks** - Configurable health check endpoint (default: GET /health)
+- ✅ **Stats Dashboard** - Access at `http://your-host:8404/`
+- ✅ **Custom Overrides** - Override timeouts, balance algorithms, SSL ciphers
+- ✅ **Custom Templates** - Bring your own HAProxy config file
+
+#### Nginx
+
+```yaml
+- name: nginx
+  enabled: true
+  hosts:
+    - 10.8.0.40
+  port: 80
+  ssl: true           # Enable HTTPS on port 443
+  backends:
+    - host: 10.8.0.10
+      port: 3000
+```
+
+## CLI Commands
+
+### Install Services
+
+```bash
+boringservices install
+
+boringservices install redis
+
+boringservices install -e staging
+```
+
+### Check Status
+
+```bash
+boringservices status
+
+boringservices status -e production
+```
+
+### Restart Services
+
+```bash
+boringservices restart redis
+
+boringservices restart haproxy -e staging
+```
+
+### Uninstall Services
+
+```bash
+boringservices uninstall memcached
+```
+
+## Rails Integration
+
+Add to your `Gemfile`:
+
+```ruby
+gem 'boring_services'
+```
+
+Generate configuration:
+
+```bash
+rails generate boring_services:install
+# Creates config/services.yml
+
+rails boring_services:setup
+# Deploys all enabled services
+```
+
+Use services in your Rails app:
+
+```ruby
+Rails.application.configure do
+  # Connect to Memcached
+  config.cache_store = :mem_cache_store, '10.8.0.20:11211', '10.8.0.21:11211'
+
+  # Connect to Redis for sessions
+  config.session_store :redis_store,
+    servers: ['redis://10.8.0.22:6379/0/session'],
+    expire_after: 90.minutes
+end
+```
+
+**Available Rake Tasks:**
+
+```bash
+rails boring_services:setup      # Deploy all services
+rails boring_services:health     # Check service health
+rails boring_services:status     # Show service status
+rails boring_services:restart    # Restart all services
+```
+
+## Secrets Management
+
+Use environment variables or command execution:
+
+```yaml
+secrets:
+  # Option 1: Environment variable
+  redis_password: $REDIS_PASSWORD
+
+  # Option 2: 1Password CLI
+  redis_password: $(op read "op://MyVault/redis/password")
+
+  # Option 3: Rails credentials (Rails only)
+  redis_password: $(rails credentials:show | yq .redis.password)
+
+  # Option 4: File-based secrets
+  redis_password: $(cat .secrets/redis_password)
+```
+
+## VPN/Private Network Support
+
+BoringServices supports deploying services over VPN or private networks (e.g., WireGuard, Tailscale):
+
+- **Public IPs** (`host`) for SSH deployment access
+- **Private IPs** (`private_ip`) for service communication
+- Services listen on all interfaces (0.0.0.0) by default
+- Accessible via private network IPs
+- No public exposure of services
+
+**Example with Private IPs:**
+
+```yaml
+services:
+  - name: redis
+    host: 18.234.67.89        # ← Public IP for SSH deployment
+    private_ip: 10.8.0.32     # ← Private VPN IP for connections
+    label: us-east-1
+    port: 6379
+    memory_mb: 1024
+
+  - name: memcached
+    host: 51.15.214.103       # ← Public IP for SSH
+    private_ip: 10.8.0.61     # ← Private VPN IP
+    label: cache-eu
+    port: 11211
+    memory_mb: 256
+```
+
+Your application connects via the private IP:
+
+```ruby
+# Ruby/Rails app
+Redis.new(url: 'redis://10.8.0.32:6379')
+
+# Memcached
+Dalli::Client.new('10.8.0.61:11211')
+```
+
+The `private_ip` field is optional and purely for documentation - use it to track which IPs your application should connect to.
+
+## Health Monitoring
+
+```bash
+boringservices status
+```
+
+Output:
+
+```
+memcached: healthy
+  ✓ 10.8.0.20: running
+  ✓ 10.8.0.21: running
+
+redis: healthy
+  ✓ 10.8.0.22: running
+
+haproxy: healthy
+  ✓ 10.8.0.30: running
+```
+
+## Requirements
+
+- Ruby 3.0+
+- Ubuntu 20.04+ servers (Debian-based distributions)
+- SSH key-based authentication
+- Optional: VPN solution (WireGuard, Tailscale, etc.) for private networking
+
+## Installation
+
+**Standalone Ruby:**
+
+```bash
+gem install boring_services
+```
+
+**With Bundler:**
+
+```ruby
+# Gemfile
+gem 'boring_services'
+```
+
+Then run:
+
+```bash
+bundle install
+```
+
+**For Rails projects**, the gem will automatically integrate with Rails and provide generators and rake tasks.
+
+## License
+
+MIT

data/exe/boringservices

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+require_relative '../lib/boring_services'
+
+BoringServices::CLI.start(ARGV)

data/lib/boring_services/cli.rb

@@ -0,0 +1,100 @@
+require 'thor'
+
+module BoringServices
+  class CLI < Thor
+    class_option :config, aliases: '-c', default: ENV['BORING_SERVICES_CONFIG'] || 'config/services.yml',
+                          desc: 'Path to services.yml'
+    class_option :environment, aliases: '-e',
+                               default: ENV['BORING_SERVICES_ENV'] || ENV['BORING_ENVIRONMENT'] ||
+                                        ENV['RAILS_ENV'] || 'production',
+                               desc: 'Environment (production, staging, development)'
+
+    def self.exit_on_failure?
+      true
+    end
+
+    desc 'setup', 'Setup/install all services (alias for install)'
+    def setup
+      config = Configuration.load(options[:config], options[:environment])
+      installer = Installer.new(config)
+      installer.install_all
+    rescue Error => e
+      puts "Error: #{e.message}"
+      exit 1
+    end
+
+    desc 'install [SERVICE]', 'Install service(s) - all services or specific service'
+    def install(service_name = nil)
+      config = Configuration.load(options[:config], options[:environment])
+      installer = Installer.new(config)
+
+      if service_name
+        installer.install_service(service_name)
+      else
+        installer.install_all
+      end
+    rescue Error => e
+      puts "Error: #{e.message}"
+      exit 1
+    end
+
+    desc 'uninstall SERVICE', 'Uninstall a specific service'
+    def uninstall(service_name)
+      config = Configuration.load(options[:config], options[:environment])
+      installer = Installer.new(config)
+      installer.uninstall_service(service_name)
+    rescue Error => e
+      puts "Error: #{e.message}"
+      exit 1
+    end
+
+    desc 'restart SERVICE', 'Restart a specific service'
+    def restart(service_name)
+      config = Configuration.load(options[:config], options[:environment])
+      installer = Installer.new(config)
+      installer.restart_service(service_name)
+    rescue Error => e
+      puts "Error: #{e.message}"
+      exit 1
+    end
+
+    desc 'reconfigure [SERVICE]', 'Reconfigure service(s) - skips package installation, only updates config and restarts'
+    def reconfigure(service_name = nil)
+      config = Configuration.load(options[:config], options[:environment])
+      installer = Installer.new(config)
+
+      if service_name
+        installer.reconfigure_service(service_name)
+      else
+        installer.reconfigure_all
+      end
+    rescue Error => e
+      puts "Error: #{e.message}"
+      exit 1
+    end
+
+    desc 'status', 'Check health status of all services'
+    def status
+      Configuration.load(options[:config], options[:environment])
+      results = BoringServices.status
+
+      results.each do |service_name, result|
+        puts "\n#{service_name}: #{result[:status]}"
+        next unless result[:hosts]
+
+        result[:hosts].each do |host, host_result|
+          status_icon = host_result[:running] ? '✓' : '✗'
+          puts "  #{status_icon} #{host}: #{host_result[:running] ? 'running' : 'stopped'}"
+        end
+      end
+    rescue Error => e
+      puts "Error: #{e.message}"
+      exit 1
+    end
+
+    desc 'version', 'Show version'
+    def version
+      puts "boring_services #{VERSION}"
+    end
+  end
+end

data/lib/boring_services/configuration.rb

@@ -0,0 +1,80 @@
+require 'yaml'
+require 'erb'
+
+module BoringServices
+  class Configuration
+    attr_reader :config, :environment
+
+    def self.load(config_path = 'config/services.yml', environment = nil)
+      env = environment || ENV['BORING_SERVICES_ENV'] || ENV['BORING_ENVIRONMENT'] || ENV['RAILS_ENV'] || 'production'
+      new(config_path, env)
+    end
+
+    def initialize(config_path, environment)
+      @config_path = config_path
+      @environment = environment.to_s
+      @config = load_config
+    end
+
+    def service_config(service_name)
+      services = @config['services'] || []
+      services.find { |s| s['name'] == service_name.to_s }
+    end
+
+    def service_enabled?(service_name)
+      service = service_config(service_name)
+      service && service['enabled'] != false
+    end
+
+    def services
+      @config['services'] || []
+    end
+
+    def enabled_services
+      services.reject { |s| s['enabled'] == false }
+    end
+
+    def user
+      @config['user'] || 'ubuntu'
+    end
+
+    def ssh_key
+      @config['ssh_key'] || '~/.ssh/id_rsa'
+    end
+
+    def forward_agent
+      return @config['forward_agent'] unless @config['forward_agent'].nil?
+
+      true
+    end
+
+    def use_ssh_agent
+      return @config['use_ssh_agent'] unless @config['use_ssh_agent'].nil?
+
+      false
+    end
+
+    def ssh_auth_methods
+      (@config['ssh_auth_methods'] || ['publickey']).map(&:to_s)
+    end
+
+    def secrets
+      @config['secrets'] || {}
+    end
+
+    private
+
+    def load_config
+      raise Error, "Config file not found: #{@config_path}" unless File.exist?(@config_path)
+
+      content = File.read(@config_path)
+      erb_result = ERB.new(content).result
+      full_config = YAML.safe_load(erb_result, permitted_classes: [Symbol], aliases: true)
+
+      env_config = full_config[@environment]
+      raise Error, "Environment '#{@environment}' not found in config" unless env_config
+
+      env_config
+    end
+  end
+end

data/lib/boring_services/generators/boring_services/install_generator.rb

@@ -0,0 +1,25 @@
+require 'rails/generators'
+
+module BoringServices
+  module Generators
+    class InstallGenerator < ::Rails::Generators::Base
+      source_root File.expand_path('templates', __dir__)
+
+      def create_config_file
+        template 'services.yml.erb', 'config/services.yml'
+      end
+
+      def show_instructions
+        puts "\n✅ BoringServices installed!"
+        puts "\n📝 Next steps:"
+        puts '  1. Either:'
+        puts '     a) Edit config/services.yml with your service hosts, OR'
+        puts '     b) Use Terraform to auto-generate config/services.yml'
+        puts '  2. Deploy services: rails boring_services:setup'
+        puts '  3. Check status: rails boring_services:status'
+        puts "\n📚 Available: Memcached, Redis, HAProxy (SSL), Nginx"
+        puts '    See config/services.example.yml in gem for examples'
+      end
+    end
+  end
+end